<?php

namespace app\controllers\action;

/**
 * 用户模块
 */
class User
{
    /**
     * 登录
     * @param $conn \mysqli
     * @param $id string
     * @param $password string
     * @return bool
     */
    public static function login(&$conn, $id, $password)
    {
        if (empty($conn) || empty($id) || empty($password))
            return false;
        // mysqli_query($conn,"select * from user;");
        // $stmt = mysqli_prepare($conn, "SELECT * FROM `user` WHERE `username`=? AND `password`=? LIMIT 0,1;");
        $stmt = $conn->prepare("SELECT * FROM `teachers` WHERE `teacher_id`=? AND `password`=? AND is_check=1 LIMIT 0,1");
        $stmt->bind_param("ss", $id, $password);
        $stmt->execute();
        $result = $stmt->get_result();
        if ($row = $result->fetch_assoc()) {
            // $code = true;
            $_SESSION = $row;
            $_SESSION["user_type"] = "teacher";
            unset($_SESSION["password"]);
            $result->free_result();
            $stmt->close();
            return true;
        }
        // 学生判断
        $stmt = $conn->prepare("SELECT * FROM `students` WHERE `student_id`=? AND `password`=? LIMIT 0,1");
        $stmt->bind_param("ss", $id, $password);
        $stmt->execute();
        $result = $stmt->get_result();
        if ($row = $result->fetch_assoc()) {
            $_SESSION = $row;
            unset($_SESSION["password"]);
            $_SESSION["user_type"] = "student";
            $result->free_result();
            $stmt->close();
            return true;
        }

        return false;
    }

    /**
     * 注册
     * @param $conn \mysqli
     * @param $id string
     * @param $password string
     * @param $type string
     * @return bool
     */
    public static function register(&$conn, $id, $password, $type)
    {
        $type = intval($type);
        if (empty($id) || empty($password) || !isset($type))
            return false;
        $code = false;


        if ($type == 1) {
            $stmt = $conn->prepare("INSERT INTO `teachers`(`teacher_id`,`password`) VALUES(?,?)");
            $stmt->bind_param("ss", $id, $password);
            if ($stmt->execute()) {
                $_SESSION["teacher_id"] = $id;
                $code = true;
            }
            $stmt->close();

        } else {
            $conn->autocommit(false);
            $conn->begin_transaction();
            $stmt = $conn->prepare("INSERT INTO `students`(`student_id`,`password`) VALUES(?,?)");
            $stmt->bind_param("ss", $id, $password);
            $stmt2 = $conn->prepare("INSERT INTO `grades`(`student_id`) values (?)");
            $stmt2->bind_param("s", $id);
            if ($stmt->execute() && $stmt2->execute()) {
                $code = true;
                $conn->commit();
                $_SESSION["student_id"] = $id;
            } else {
                $conn->rollback();
            }
            $stmt->close();
            $stmt2->close();
        }


        // 关闭连接释放资源。

        return $code;
    }


    /**
     * 登出
     * @return bool
     */
    public static function logout()
    {
        $_SESSION = array();
        if (isset($_COOKIE[session_name()])) {
            setCookie(session_name(), '', time() - 3600, '/');
        }
        if (session_destroy())
            return true;
        return false;
    }

    /**
     *
     * @param $conn \mysqli
     * @param $old_password string
     * @param $new_password string
     * @param $user_type string
     * @return bool
     */
    public static function change_password(&$conn, $new_password, $user_type)
    {
        if (empty($conn) || empty($new_password) ||empty($user_type))
            return false;
        // mysqli_query($conn,"select * from user;");
        // $stmt = mysqli_prepare($conn, "SELECT * FROM `user` WHERE `username`=? AND `password`=? LIMIT 0,1;");
        if ($user_type == "teacher") {
            $stmt = $conn->prepare("update `teachers` set `password`=? where teacher_id=?");
            $stmt->bind_param("ss", $new_password, $_SESSION["teacher_id"]);
        } else if ($user_type == "student") {
            $stmt = $conn->prepare("update `students` set `password`=? where student_id=?");
            $stmt->bind_param("ss", $new_password, $_SESSION["student_id"]);
        } else {
            return false;
        }

        if ($stmt->execute()) {
            $stmt->close();
            return true;
        }

        return false;
    }

}